Skip to content
Puede usar nuestro buscador para encontrar información sobre los productos y soluciones de InterSystems, las oportunidades de desarrollo profesional, los casos de uso, novedades y mucho más. Los resultados incluyen el contenido de nuestra comunidad de desarrolladores, documentación de productos y formación, además de InterSystems.com.

Advisory: Cross-site Scripting Issue in the Clinical Viewer

March 1, 2022 – Advisory: Cross-site Scripting Issue in the Clinical Viewer

InterSystems has corrected a defect which could allow Cross-site scripting (XSS). A crafted payload within certain URI Parameters or HTTP POST Body can lead to arbitrary JavaScript execution in the Clinical Viewer in Health Share Information Exchange 2018.1 and Unified Care Record 2019.1.

The correction for this defect is identified as HSCV-8103/HSCV-8550. It is available via ad hoc change file or full kit distribution from the Worldwide Response Center (WRC). All affected customers are encouraged to request and apply the correction. The correction is included in version 2019.2 and all later product releases.

RELATED TOPICS